Continuing series with more detail on security. Add C# code to detect Azure AD group membership. When REST API call for data is made to WebAPI HTTPS endpoint we already validate Azure AD authentication token (user part of AAD).

Building upon this, we can add AAD Security Group membership detection for business logic “If user is member of HELLOWORLD group then provide data. Otherwise access denied.”

For that, we translate the AAD Security Group into GUID number by locating the group at https://portal.azure.com. Steps cover how to update AAD token, C# dot net code for WebAPI endpoint, and verify secrurity with Postman. Cheers.